//[Authorize(Policy = "RefreshTokenPolicy")] Should probably make this work public async Task<IActionResult> PostRefreshAccessToken() { var userName = User.FindFirst(ClaimTypes.NameIdentifier).Value; _logger.LogInformation("Fetching new access token for " + userName); var identity = await GetClaimsIdentity(userName); var claims = await GetClaims(userName); var claimsForAccessToken = claims.ToList(); claimsForAccessToken.Add(identity.FindFirst("role")); // Create the JWT security token and encode it. var jwtAccessToken = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claimsForAccessToken.ToArray(), notBefore: _jwtOptions.NotBefore, expires: DateTime.UtcNow.Add(_jwtOptions.ValidFor), signingCredentials: _jwtOptions.SigningCredentials); var encodedJwtAccess = new JwtSecurityTokenHandler().WriteToken(jwtAccessToken); // Serialize and return the response var response = new { access_token = encodedJwtAccess, expires_in = (int)_jwtOptions.ValidFor.TotalSeconds }; var json = JsonConvert.SerializeObject(response, _serializerSettings); return new OkObjectResult(json); }
public IActionResult IsLoginUserOwner([FromBody]Client client) { try { #region Error Checking GenericResponseVM genericResponse = null; if (client == null && string.IsNullOrWhiteSpace(client.Url)) { genericResponse = new GenericResponseVM() { Code = HttpStatusCode.BadRequest.ToString(), Value = errorSettings.MessageNoInputs, IsError = true }; return matterCenterServiceFunctions.ServiceResponse(genericResponse, (int)HttpStatusCode.OK); } #endregion bool isLoginUserOwner = userRepositoy.IsLoginUserOwner(client); var loginUserPartOfOwnerGroup = new { IsLoginUserOwner = isLoginUserOwner }; return matterCenterServiceFunctions.ServiceResponse(loginUserPartOfOwnerGroup, (int)HttpStatusCode.OK); } catch (Exception ex) { customLogger.LogError(ex, MethodBase.GetCurrentMethod().DeclaringType.Name, MethodBase.GetCurrentMethod().Name, logTables.SPOLogTable); throw; } }
public IActionResult DownloadAttachmentsAsStream([FromBody]MailAttachmentDetails mailAttachmentDetails) { try { #region Error Checking GenericResponseVM genericResponse = null; if (mailAttachmentDetails == null && mailAttachmentDetails.FullUrl == null) { genericResponse = new GenericResponseVM() { Value = errorSettings.MessageNoInputs, Code = HttpStatusCode.BadRequest.ToString(), IsError = true }; return matterCenterServiceFunctions.ServiceResponse(genericResponse, (int)HttpStatusCode.OK); } #endregion Stream downloadAttachments = documentProvision.DownloadAttachments(mailAttachmentDetails); var fileContentResponse = new HttpResponseMessage(HttpStatusCode.OK); fileContentResponse.Headers.Clear(); fileContentResponse.Content = new StreamContent(downloadAttachments); fileContentResponse.Content.Headers.ContentType = new System.Net.Http.Headers.MediaTypeHeaderValue(DocumentProvision.ReturnExtension(string.Empty)); //fileContentResponse.Headers.Add("Content-Type", ReturnExtension(string.Empty)); fileContentResponse.Content.Headers.Add("Content-Length", downloadAttachments.Length.ToString()); fileContentResponse.Content.Headers.Add("Content-Description", "File Transfer"); //application/octet-stream fileContentResponse.Content.Headers.Add("Content-Disposition", "attachment; filename=" + documentSettings.TempEmailName + new Guid().ToString() + ServiceConstants.EMAIL_FILE_EXTENSION); fileContentResponse.Content.Headers.Add("Content-Transfer-Encoding", "binary"); fileContentResponse.Content.Headers.Expires = DateTimeOffset.Now.AddDays(-1); ; fileContentResponse.Headers.Add("Cache-Control", "must-revalidate, post-check=0, pre-check=0"); fileContentResponse.Headers.Add("Pragma", "public"); var fileAttachmentContent = fileContentResponse.Content.ReadAsStringAsync(); var response = new { fileAttachment = fileAttachmentContent, fileName = documentSettings.TempEmailName + Guid.NewGuid().ToString() + ServiceConstants.EMAIL_FILE_EXTENSION }; return new ObjectResult(response); } catch (Exception ex) { customLogger.LogError(ex, MethodBase.GetCurrentMethod().DeclaringType.Name, MethodBase.GetCurrentMethod().Name, logTables.SPOLogTable); throw; } }
public async Task<IActionResult> Post(string userName, string password, bool rememberMe) { //todo: Ensure that these input values are not logged. var identity = await GetClaimsIdentity(userName, password, rememberMe); if (identity == null) { _logger.LogInformation($"Invalid username ({userName}))"); return BadRequest("Invalid credentials"); } var claims = await GetClaims(userName); var claimsForAccessToken = claims.ToList(); claimsForAccessToken.Add(identity.FindFirst("role")); var claimsForRefreshToken = claims.ToList(); claimsForRefreshToken.Add(new Claim("RefreshToken", "RefreshToken")); // Create the JWT security token and encode it. var jwtAccessToken = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claimsForAccessToken.ToArray(), notBefore: _jwtOptions.NotBefore, expires: DateTime.UtcNow.Add(_jwtOptions.ValidFor), signingCredentials: _jwtOptions.SigningCredentials); var jwtRefreshToken = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claimsForRefreshToken.ToArray(), notBefore: _jwtOptions.NotBefore, expires: DateTime.UtcNow.AddMonths(3), signingCredentials: _jwtOptions.SigningCredentials); var encodedJwtAccess = new JwtSecurityTokenHandler().WriteToken(jwtAccessToken); var encodedJwtRefresh = new JwtSecurityTokenHandler().WriteToken(jwtRefreshToken); //todo: Save refresh-token i database. So that it can be revoked. // Serialize and return the response var response = new { access_token = encodedJwtAccess, refresh_token = encodedJwtRefresh, expires_in = (int)_jwtOptions.ValidFor.TotalSeconds }; var json = JsonConvert.SerializeObject(response, _serializerSettings); return new OkObjectResult(json); }
public async Task<JsonResult> GetApiKey() { var user = await GetCurrentUserAsync(); if (user != null) { var config = new { protocol = _config.GetValue<string>("NLE_PROTOCOL"), domain = _config.GetValue<string>("NLE_URL"), port = _config.GetValue<string>("NLE_PORT"), key = _config.GetValue<string>("NLE_KEY") }; return Json(config); } Response.StatusCode = 401; return Json(new { protocol = "", domain = "", port = "", key = "" }); }